Lucene search
K

176 matches found

Tenable Nessus
Tenable Nessus
added 2018/05/02 12:0 a.m.40 views

EulerOS 2.0 SP2 : squid (EulerOS-SA-2018-1075)

According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability i...

7.5CVSS6.7AI score0.13149EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/03/09 12:0 a.m.35 views

SUSE SLES12 Security Update : squid (SUSE-SU-2018:0636-1)

This update for squid fixes the following issues: Security issues fixed : - CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI responses. This affects the default custom esiparser bsc1077003. - CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien...

7.5CVSS6.6AI score0.13149EPSS
Exploits0References7
Prion
Prion
added 2018/02/09 11:29 p.m.29 views

Design/Logic Flaw

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

5CVSS7.4AI score0.08077EPSS
Exploits0References6Affected Software3
CVE
CVE
added 2018/02/09 11:0 p.m.322 views

CVE-2018-1000024

The CVE-2018-1000024 vulnerability affects Squid HTTP Caching Proxy (versions 3.0–3.5.27 and 4.0–4.0.22). It is caused by Incorrect Pointer Handling in ESI Response Processing, enabling a Denial of Service when a remote server delivers an HTTP response payload with valid but unusual ESI syntax. I...

7.5CVSS7.5AI score0.08077EPSS
Exploits0References6Affected Software1
AlpineLinux
AlpineLinux
added 2018/02/09 11:0 p.m.28 views

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

7.5CVSS7.7AI score0.08077EPSS
Exploits0
Cvelist
Cvelist
added 2018/02/09 11:0 p.m.24 views

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

7.5AI score0.08077EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2018/01/29 12:0 a.m.35 views

CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

7.5CVSS6.8AI score0.08077EPSS
Exploits0References4
OSV
OSV
added 2018/01/29 12:0 a.m.2 views

UBUNTU-CVE-2018-1000024

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...

7.5CVSS6.9AI score0.08077EPSS
Exploits0References5
Mageia
Mageia
added 2018/01/24 10:37 p.m.14 views

Updated squid packages fix security vulnerabilities

Due to incorrect pointer handling Squid is vulnerable to denial of service attack when processing ESI responses. This problem allows a remote server delivering certain ESI response syntax to trigger a denial of service for all clients accessing the Squid service SQUID-2018:1. Due to incorrect...

2AI score
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2016/11/01 12:0 a.m.6 views

Squid Proxy ESI Response Processing Denial of Service (CVE-2016-4555)

A denial of service vulnerability has been reported in the Edge Side Includes ESI component of the Squid proxy. The vulnerability is due to incorrect pointer handling when processing ESI responses. A remote attacker could exploit this vulnerability by sending crafted ESI response data to the targ...

5CVSS3AI score0.5392EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2016/09/07 12:0 a.m.6 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the secure-session function in the mm-video-v4l2 venc component of the Android operating system’s media server is related to incorrect handling of stack pointers. Exploiting this vulnerability could allow a local attacker to enhance their privileges through a specially create...

4.6CVSS7.2AI score0.002EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/25 12:0 a.m.38 views

Debian DSA-3625-1 : squid3 - security update

Several security issues have been discovered in the Squid caching proxy. - CVE-2016-4051 : CESG and Yuriy M. Kaminskiy discovered that Squid cachemgr.cgi was vulnerable to a buffer overflow when processing remotely supplied inputs relayed through Squid. - CVE-2016-4052 : CESG discovered that a...

8.8CVSS7.1AI score0.79969EPSS
Exploits1References18
BDU FSTEC
BDU FSTEC
added 2016/06/17 12:0 a.m.8 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability in the file mm-video-v4l2/vidc/vdec/src/omxvdecmsm8974.cpp of the Android operating system is related to incorrect pointer handling. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain increased privileges through a specially created applicatio...

9.3CVSS7.1AI score0.00419EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/06/17 12:0 a.m.5 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability in the file mm-video-v4l2/vidc/vdec/src/omxvdecmsm8974.cpp of the Android operating system is related to incorrect pointer handling. Exploiting this vulnerability can allow a malicious actor to gain increased privileges through a specially created application...

9.3CVSS7.1AI score0.00473EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2016/06/13 1:59 a.m.3 views

CVE-2016-2478

mm-video-v4l2/vidc/vdec/src/omxvdecmsm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or...

7.8CVSS5.8AI score0.00419EPSS
Exploits0References2
OSV
OSV
added 2016/01/31 6:59 p.m.4 views

CVE-2016-1945

The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive...

8.8CVSS7.4AI score0.0297EPSS
Exploits0References9
Prion
Prion
added 2015/05/19 6:59 p.m.15 views

Null pointer dereference

unzoo allows remote attackers to cause a denial of service infinite loop and resource consumption via unspecified vectors to the 1 ExtrArch or 2 ListArch function, related to pointer handling...

7.8CVSS7.3AI score0.02917EPSS
Exploits0References4
Cvelist
Cvelist
added 2015/05/19 6:0 p.m.19 views

CVE-2015-1846

unzoo allows remote attackers to cause a denial of service infinite loop and resource consumption via unspecified vectors to the 1 ExtrArch or 2 ListArch function, related to pointer handling...

6.7AI score0.02917EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/07/11 12:0 a.m.35 views

Microsoft Silverlight Remote Code Execution Vulnerabilities (2861561)

This host is missing a critical security update according to Microsoft Bulletin MS13-052. OpenVAS Vulnerability Test $Id: secpodsilverlightms13-052.nasl 8190 2017-12-20 09:44:30Z cfischer $ Microsoft Silverlight Remote Code Execution Vulnerabilities 2861561 Authors: Antu Sanadi Copyright: Copyrig...

9.3CVSS0.6AI score0.32378EPSS
Exploits0References3
Prion
Prion
added 2013/05/15 3:36 a.m.13 views

Spoofing

Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."...

9.3CVSS8.1AI score0.20766EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder